News

Critical infrastructure 'under attack' from cyber criminals

The latest security report from McAfee has shown our daily utilities of gas, oil and electricity are under threat from an increasing number of attacks by cyber criminals.

28 Jan 2010

Critical infrastructure - such as electricity grids and gas production - is increasingly under threat from cyber criminals, according to a report released today.

The study from security company McAfee shows that over half of the 600 IT security executives it questioned from such sites have already suffered large-scale attacks or infiltrations from organised crime gangs, terrorists or nation-states at a cost of $6.3 million per day for downtime.

This is set to continue with 40 per cent of respondents claiming they expected similar attacks in the next 12 months.

The report claimed that these types of sites have traditionally only needed to protect themselves for the physical attacks using "guards, gates and guns", but the increase of computer networks and external connections to other organisations has posed new risks that providers may not be so prepared for.

"In today's economic climate, it is imperative that organisations prepare for the instability that cyber attacks on critical infrastructure can cause," said Dave DeWalt, president and chief executive of McAfee.

While 37 per cent of the IT executives thought their sector was more vulnerable that before, just 20 per cent thought it was safe for attempted attacks over the next five years.

The implications of these attacks could be incredibly serious for both the companies and those who use their utilities.

"From public transportation, to energy to telecommunications, these are the systems we depend on every day," added DeWalt.

"An attack on any of these industries could cause widespread economic disruptions, environmental disasters, loss of property and even loss of life."

Yet despite the possibly catastrophic outcomes, the report also showed recessionary cutbacks had affected the budgets of two-thirds of IT executives trying to deal with such threats.

Stewart Baker, a distinguished visiting fellow at the Centre for Strategic and International Studies (CSIS), which produced the report, believed it was key for governments to get involved with regulation to help.

"The relationships between the governments and private sector organisations involved are complex but it is essential that each have faith in the others ability," he said in a statement.

"The security industry will always strive to stay one step ahead, but in the absence of any technological silver bullet, regulation has a role to play in defending critical infrastructures around the world."